[sudo-users] LDAPS + sudo + AIX 7.1

ace man kevev at hotmail.com
Fri Aug 16 14:49:20 MDT 2013


Hello. I am a new AIX admin with lots of Linux experience. I have compiled sudo 1.6.9p23 with ldap support and am attempting to get it working.

I have sudoer entries available via LDAP on port 389 without encryption working just fine in AIX.
When I change the uri in /etc/ldap.conf to ldaps://server.address the `sudo -l` command hangs.
I see communication via port 636 from the AIX box using tcpdump. I am wondering if I am missing
a package or if I am missing a configure option before compiling. If anyone has tips or instructions
they would be greatly appreciated.  :o)

More info:

/etc/ldap.conf

base dc=ldap,dc=local
tls_cacertdir /etc/security/ldap/cacerts
tls_cacertfile /etc/security/ldap/cacerts/cacert.asc
tls_checkpeer no
uri ldaps://server1.local ldaps://server2.local
bind_timelimit 5
timelimit 5
sudoers_debug 7

`sudo -l`
LDAP Config Summary
===================
uri                  ldaps://sever1.local/ ldaps://server2.local
ldap_version 3
sudoers_base ou=SUDOers,dc=ldap,dc=local
binddn               (anonymous)
bindpw              (anonymous)
timelimit            5
ssl                     (no)
tls_checkpeers         (no)
==================
sudo: ldap_init (server1.local:636 server2.local:636, 389)
sudo: ldap_set_options: ldap_version -> 3
sudo: ldap_set_options: timelimit -> 5


I edited to remove sensitive information.
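
Added example, not part of the original post and not code from the sudo project: a small check that reads the ldap.conf settings and the sudoers_debug output quoted above and lists the TLS-related mismatches between them. The function names (parse_conf, audit) and finding labels are hypothetical; the sample inputs are copied from the post and trimmed to the relevant lines.

```python
import re

# Constructed inputs: values copied from the post above, trimmed to the relevant lines.
LDAP_CONF = """\
base dc=ldap,dc=local
tls_cacertfile /etc/security/ldap/cacerts/cacert.asc
tls_checkpeer no
uri ldaps://server1.local ldaps://server2.local
"""
SUDO_DEBUG = """\
ssl                     (no)
tls_checkpeers         (no)
sudo: ldap_init (server1.local:636 server2.local:636, 389)
"""

def parse_conf(text):
    """Parse 'key value' lines of ldap.conf; keys are treated case-insensitively."""
    conf = {}
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)  # drop comments, split key/value
        if parts:
            conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf

def audit(conf_text, debug_text=""):
    """Return (label, message) findings about the TLS posture of the setup."""
    conf = parse_conf(conf_text)
    uris = [u.lower() for u in conf.get("uri", "").split()]
    wants_ldaps = any(u.startswith("ldaps://") for u in uris)
    findings = []
    # Peer checking disabled: the server certificate is accepted unverified.
    if conf.get("tls_checkpeer", "").lower() in ("no", "off", "false"):
        findings.append(("no-peer-check",
                         "tls_checkpeer is off: server certificate is not verified"))
    # The debug summary should agree with the scheme requested in the uri line.
    if wants_ldaps and re.search(r"^\s*ssl\s+\(no\)", debug_text, re.M):
        findings.append(("ssl-no",
                         "debug summary reports ssl (no) although uri is ldaps://"))
    # ldap_init takes a host list and a default port, not a URI scheme.
    m = re.search(r"ldap_init\s*\((.*),\s*(\d+)\)", debug_text)
    if wants_ldaps and m and m.group(2) == "389":
        findings.append(("ldap_init-389",
                         "ldap_init called with default port 389 for: " + m.group(1)))
    return findings

if __name__ == "__main__":
    for label, msg in audit(LDAP_CONF, SUDO_DEBUG):
        print(f"[{label}] {msg}")
```
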